KLA11337
Multiple DoS vulnerabilities in Wireshark
Обновлено: 26/06/2019
Дата обнаружения
10/10/2018
Уровень угрозы
High
Описание

Multiple serious vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities:

  1. An unspecified vulnerability in the MS-WSP dissector can be exploited remotely via malformed packet trace file to cause denial of service;
  2. An unspecified vulnerability in the Steam IHS Discovery dissector can be exploited remotely via malformed packet trace file to cause denial of service;
  3. An unspecified vulnerability in the CoAP dissector can be exploited remotely via malformed packet trace file to cause denial of service;
  4. An unspecified vulnerability in the OpcUa dissector can be exploited remotely via malformed packet trace file to cause denial of service;
Пораженные продукты

Wireshark 2.6.x earlier than 2.6.4
Wireshark 2.4.x earlier than 2.4.10

Решение

Update to the latest version
Get Wireshark

Первичный источник обнаружения
wnpa-sec-2018-47
wnpa-sec-2018-48
wnpa-sec-2018-49
wnpa-sec-2018-50
Оказываемое влияние
?
DoS 
[?]
Связанные продукты
Wireshark
CVE-IDS
CVE-2018-182275.0Critical
CVE-2018-182265.0Critical
CVE-2018-182255.0Critical
CVE-2018-120865.0Critical